ACK Edge v1.18 Release Notes & Key Updates - Container Service for Kubernetes

ACK Edge is a cloud-edge integrated managed solution provided by Container Service for Kubernetes (ACK) for edge computing scenarios. This topic describes the release notes for ACK Edge of Kubernetes 1.18.

Version

ACK Edge cluster version: 1.18.8-aliyunedge.1

What's new

Cloud-edge operations channel and monitoring

tunnel-server now intercepts and handles edge operations and monitoring traffic based on cluster Domain Name System (DNS) resolutions instead of the iptables rules of individual nodes. This change brings three improvements:

Prometheus and metrics-server no longer need to run on the same node as tunnel-server.
tunnel-server can be deployed across multiple pod replicas, with load balancing applied across all nodes.
A new meta server module is added to tunnel-server for handling Prometheus metrics and debug/pprof. The tunnel-server endpoint is http://127.0.0.1:10265 and the edge-tunnel-agent endpoint is http://127.0.0.1:10266. To change the default port, set the --meta-port startup parameter on either component.

Autonomy of edge nodes

edge-hub improves edge caching, health checks, Service endpoints, and traffic analysis to strengthen edge traffic autonomy and in-cluster access to kube-apiserver. Specific changes:

Traffic topology of Services at the edge is now supported natively by edge-hub, without depending on Kubernetes feature gates.
edge-hub automatically updates the endpoint of a Service at the edge to the public endpoint of the cluster's kube-apiserver, allowing edge applications to access the cluster in in-cluster mode.
edge-hub can cache CustomResourceDefinitions (CRDs). For example, the nodenetworkconfigurations CRD, which stores network information for Flannel, can now be cached.
Health checks are improved: edge-hub now sends Lease heartbeats instead of healthz requests.
edge-hub listens on port 10261 for forwarding requests and port 10267 for local requests such as liveness probes, metrics, and pprof of yurthub.
The node_edge_hub_proxy_traffic_collector metric is now available. It shows the traffic generated when node components such as kubelet and kube-proxy access Kubernetes resources, including pods and Deployments.

Cell-based management at the edge

The UnitedDeployment controller now supports a Patch field in cell-based management. Use this field to customize configurations per node pool. For example, to deploy nodes in different node pools using different local image repositories, specify a separate image address for each node pool in the Patch field.

Edge nodes

Nodes running Ubuntu 20.04 can now be added to edge Kubernetes clusters.

Edge network

The Flannel cloud-edge network is optimized. List and watch operations are now performed on the related CRDs instead of on nodes directly, reducing the traffic generated by these operations.

Traffic management annotations are also updated. For details, see Annotations about traffic management at the edge.

Before you upgrade

The valid values of the openyurt.io/topologyKeys annotation for traffic management have changed in Kubernetes 1.18. Review the following changes before upgrading.

Annotations about traffic management at the edge

The following table describes the annotation keys supported in Kubernetes 1.16:

Annotation key	Annotation value	Description
`openyurt.io/topologyKeys`	`kubernetes.io/hostname`	The Service is accessible only by the node on which it is deployed.
`openyurt.io/topologyKeys`	`kubernetes.io/zone`	The Service is accessible only by nodes in the same node pool.
N/A	N/A	Access to the Service is unlimited.

In Kubernetes 1.18, the valid values of openyurt.io/topologyKeys are updated. The valid values are now kubernetes.io/zone and openyurt.io/nodepool. Both values specify that the Service is accessible only by nodes in the same node pool. Use openyurt.io/nodepool as the value.